2018

Severity: Medium

Summary: An API call used to retrieve a user image on Tableau Server lacks an access control check, allowing an authenticated user to obtain the image of a user on another site.

Impact: This vulnerability allows an authenticated user to obtain the image of a user on another site.

Vulnerable Versions: The following versions of Tableau Server are vulnerable:

Tableau Server: 10.1 through 10.1.12
Tableau Server: 10.2 through 10.2.7
Tableau Server: 10.3 through 10.3.5
Tableau Server: 10.4 through 10.4.1
Tableau Server: 10.5 through 10.5.0

Resolution: The issue can be fixed by upgrading to one of the following versions:

Tableau Server: 10.1.13
Tableau Server: 10.2.8
Tableau Server: 10.3.7
Tableau Server: 10.4.3
Tableau Server: 10.5.1

Severity: Medium

Summary: An API call lacks an authorization check in one of its functions. This vulnerability may disclose the friendly user name of a user on another site on the Tableau Server. The vulnerable API may be called by any authenticated user on a site.

Impact: Disclosure of the friendly user name of a user on another site.
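
This bulletin and the one before it describe the same defect class: a per-user lookup API that authenticates the caller but never checks that the requested user belongs to the caller's site. The following is an added example, not Tableau's code, that models the unscoped lookup next to the site-scoped form behind both an image endpoint and a friendly-name endpoint. The names (User, USERS, resolve_user_unscoped, resolve_user_scoped, get_user_image, get_friendly_name) and the sample directory are hypothetical.

```python
"""Site-scoped authorization for per-user lookup APIs (added example).

This is not Tableau's code. It models the defect class in the two bulletins
above: an API that resolves a user by id for the image or friendly-name
endpoint, checking only that the caller is authenticated, not that the target
user is on the caller's site. All names and data here are hypothetical.
"""
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass(frozen=True)
class User:
    user_id: int
    site_id: int          # tenant ("site") the user belongs to
    friendly_name: str
    image: bytes


# Constructed sample directory: two sites with one user each.
USERS: Dict[int, User] = {
    1: User(user_id=1, site_id=100, friendly_name="Alice Example", image=b"\x89PNG-A"),
    2: User(user_id=2, site_id=200, friendly_name="Bob Example", image=b"\x89PNG-B"),
}


def resolve_user_unscoped(caller: User, target_id: int) -> Optional[User]:
    """Vulnerable form: the caller's identity is never consulted, so any
    authenticated user can resolve any user id on any site."""
    return USERS.get(target_id)


def resolve_user_scoped(caller: User, target_id: int) -> Optional[User]:
    """Fixed form: the target must exist *and* share the caller's site.

    Both failure cases collapse to None (a 404 at the HTTP layer), so the
    endpoint does not reveal whether a user id exists on another site.
    """
    target = USERS.get(target_id)
    if target is None or target.site_id != caller.site_id:
        return None
    return target


def get_user_image(caller: User, target_id: int) -> Optional[bytes]:
    """Image endpoint built on the scoped lookup."""
    target = resolve_user_scoped(caller, target_id)
    return target.image if target else None


def get_friendly_name(caller: User, target_id: int) -> Optional[str]:
    """Friendly-name endpoint built on the scoped lookup."""
    target = resolve_user_scoped(caller, target_id)
    return target.friendly_name if target else None


if __name__ == "__main__":
    alice = USERS[1]
    # Cross-site request: the unscoped lookup returns Bob's record, the scoped one does not.
    print("unscoped:", resolve_user_unscoped(alice, 2))
    print("scoped:  ", resolve_user_scoped(alice, 2))
```

The scoped lookup is the single place where the site boundary is enforced; every per-user endpoint goes through it, so a new endpoint cannot reintroduce the cross-site read by forgetting the check.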

 

Vulnerable Versions: The following versions of Tableau Server are vulnerable:

Tableau Server: 9.1 through 9.1.21
Tableau Server: 9.2 through 9.2.20
Tableau Server: 9.3 through 9.3.18
Tableau Server: 10.0 through 10.0.14
Tableau Server: 10.1 through 10.1.12
Tableau Server: 10.2 through 10.2.7
Tableau Server: 10.3 through 10.3.5
Tableau Server: 10.4 through 10.4.1
Tableau Server: 10.5 through 10.5.0

Resolution: The issue can be fixed by upgrading to one of the following versions:

Tableau Server: 9.1.22
Tableau Server: 9.2.21
Tableau Server: 9.3.19
Tableau Server: 10.0.15
Tableau Server: 10.1.13
Tableau Server: 10.2.8
Tableau Server: 10.3.7
Tableau Server: 10.4.3
Tableau Server: 10.5.1

Severity: Medium

Summary: Dashboard web objects in Tableau Desktop can execute untrusted JavaScript and may therefore be vulnerable to information disclosure through the Spectre vulnerabilities (CVE-2017-5753 and CVE-2017-5715).

Web data connectors on Tableau Server and Tableau Desktop execute JavaScript code and may therefore also be vulnerable to Spectre. As a mitigation for Tableau Server, you can configure a safe list so that web data connectors can only run from trusted URLs. See Web Data Connectors.
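
A safe list of trusted connector URLs only helps if the comparison is made on the connector URL's origin (scheme, host, port) rather than on the raw string, which a substring or prefix match gets wrong. The following is an added example, not Tableau's implementation of the feature, showing a strict origin allow-list and how it handles the URLs that commonly slip past a loose match. The names (origin_of, ConnectorSafeList, SAFE_LIST) and the sample entries are hypothetical.

```python
"""Origin allow-list for web data connector URLs (added example).

Not Tableau's implementation. A "safe list" of trusted connector URLs has to
compare the normalised origin (scheme, host, port) of a connector URL with
the configured entries; a prefix or substring match on the raw URL string
accepts lookalikes. Names and sample entries here are hypothetical.
"""
from typing import Iterable, Optional, Set, Tuple
from urllib.parse import urlsplit

Origin = Tuple[str, str, int]

# Only web schemes can host a connector; anything else is rejected outright.
DEFAULT_PORTS = {"https": 443, "http": 80}


def origin_of(url: str) -> Optional[Origin]:
    """Return (scheme, host, port) for url, or None if it has no usable origin."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    try:
        port = parts.port or DEFAULT_PORTS[scheme]
    except ValueError:            # non-numeric or out-of-range port
        return None
    # urlsplit already lower-cases the host and drops any userinfo, so
    # "https://trusted.example.com@evil.example/" resolves to host "evil.example".
    host = parts.hostname.rstrip(".")   # "example.com." and "example.com" are the same host
    return (scheme, host, port)


class ConnectorSafeList:
    """Exact-origin allow-list: no wildcards, no subdomain inheritance."""

    def __init__(self, trusted_urls: Iterable[str]) -> None:
        self._origins: Set[Origin] = set()
        for url in trusted_urls:
            origin = origin_of(url)
            if origin is None:
                raise ValueError(f"safe list entry has no valid origin: {url!r}")
            self._origins.add(origin)

    def allows(self, connector_url: str) -> bool:
        """True only if the connector's origin is exactly one of the trusted origins."""
        return origin_of(connector_url) in self._origins


# Constructed configuration: two trusted connector hosts, one on a custom port.
SAFE_LIST = ConnectorSafeList([
    "https://connectors.example.com",
    "https://wdc.example.net:8443/",
])


if __name__ == "__main__":
    for url in [
        "https://connectors.example.com/sales/connector.html",   # allowed
        "http://connectors.example.com/sales/connector.html",    # wrong scheme
        "https://connectors.example.com.evil.example/x.html",    # suffix lookalike
        "https://connectors.example.com@evil.example/x.html",    # userinfo lookalike
        "https://wdc.example.net/x.html",                        # wrong port
    ]:
        print(f"{SAFE_LIST.allows(url)!s:5} {url}")
```

Entries are parsed once at configuration time and rejected if they do not form a valid origin, so a mistyped entry fails loudly instead of silently matching nothing or everything.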

 

Impact: This vulnerability may allow an attacker to read some memory in the same process that executes the untrusted JavaScript code.

Vulnerable Versions: The following versions of Tableau Desktop and Tableau Server are vulnerable:

Tableau Desktop and Server: 9.1 through 9.1.21
Tableau Desktop and Server: 9.2 through 9.2.20
Tableau Desktop and Server: 9.3 through 9.3.18
Tableau Desktop and Server: 10.0 through 10.0.14
Tableau Desktop and Server: 10.1 through 10.1.12
Tableau Desktop and Server: 10.2 through 10.2.7
Tableau Desktop and Server: 10.3 through 10.3.5
Tableau Desktop and Server: 10.4 through 10.4.1
Tableau Desktop and Server: 10.5 through 10.5.0

Resolution: The issue can be fixed by upgrading to one of the following versions:

Tableau Desktop and Server: 9.1.22
Tableau Desktop and Server: 9.2.21
Tableau Desktop and Server: 9.3.19
Tableau Desktop and Server: 10.0.15
Tableau Desktop and Server: 10.1.13
Tableau Desktop and Server: 10.2.8
Tableau Desktop and Server: 10.3.7
Tableau Desktop and Server: 10.4.3
Tableau Desktop and Server: 10.5.1

Severity: High

Summary: A heap overflow vulnerability in Tableau Server and Tableau Desktop may result in code execution. To exploit this vulnerability on Tableau Server, the attacker must be an authenticated user with the ability to publish views or workbooks. On Tableau Desktop, this vulnerability is exploited when a user opens a malicious file.

Impact: An attacker exploiting this vulnerability may be able to execute arbitrary code or cause a crash.

Vulnerable Versions: The following versions of Tableau Desktop and Tableau Server are vulnerable:

Tableau Desktop and Server: 9.1 through 9.1.21
Tableau Desktop and Server: 9.2 through 9.2.20
Tableau Desktop and Server: 9.3 through 9.3.18
Tableau Desktop and Server: 10.0 through 10.0.14
Tableau Desktop and Server: 10.1 through 10.1.12
Tableau Desktop and Server: 10.2 through 10.2.7
Tableau Desktop and Server: 10.3 through 10.3.5
Tableau Desktop and Server: 10.4 through 10.4.1
Tableau Desktop and Server: 10.5 through 10.5.0

Resolution: The issue can be fixed by upgrading to one of the following versions:

Tableau Desktop and Server: 9.1.22
Tableau Desktop and Server: 9.2.21
Tableau Desktop and Server: 9.3.19
Tableau Desktop and Server: 10.0.15
Tableau Desktop and Server: 10.1.13
Tableau Desktop and Server: 10.2.8
Tableau Desktop and Server: 10.3.7
Tableau Desktop and Server: 10.4.3
Tableau Desktop and Server: 10.5.1

Acknowledgement: This vulnerability was discovered by Kushal Arvind Shah of Fortinet's FortiGuard Labs.